Gridinsoft Logo
File Icon

The LightBurn.exe File Analysis

Updated 12 days ago
Checked by Malware Check
LightBurn.exe

Technical Analysis

File Name LightBurn.exe
File Type
Win32 EXE
Magic Bytes PE32+ executable (GUI) x86-64, for MS Windows
SSDEEP Hash
393216:Z3F9q5GLrzbHRzUONuC44/qeGWs4+fvbLSrk/jGM:Zq0XzRoONuC+efmvbLgiiM
Scanner Version 1.0.231.174
Database Version 2025-12-28 21:00:34 UTC

Suspicious File Detected

Detected by 32 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
44%
Detection Rate
18,701,176
File Size (bytes)
32/72
Engines Detected
2025-12-28
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
3de4a86d05c8e5134133a4a3b03a29c0
SHA1
afdc8a7ed8f3626dbc3905a2d9396610d724ee6c
SHA256
4bbb3114b0a9c9dd3578ea958189b01b1805bcca563a8339bab29504bff137e9
SHA512
d69db97a7f6ec4a861f5514d4b55ab1e2ebc28daf8fec9282dfb8e804ce6a32fae778a80a9a30085f5590d6aa25000d695b7ae240e873da7bad8bcfcaf5675e0
ImpHash
61c4fbb5207e31e2620b2f88b5f7279a

Security Engines with Detections (32 of 72)

Bkav
W64.AIDetectMalware Malicious
Lionic
Trojan.Win32.Themida.4!c Malicious
AVG
Win64:Malware-gen Malicious
Elastic
malicious (high confidence) Malicious
CTX
exe.trojan.themida Malicious
CAT-QuickHeal
Trojan.Ghanarava.17441357653a29c0 Malicious
Skyhigh
Artemis Malicious
Malwarebytes
Malware.AI.4231279826 Malicious
Sangfor
PUP.Win64.Agent.Vklh Malicious
K7AntiVirus
Trojan ( 005ada971 ) Malicious
K7GW
Trojan ( 005ada971 ) Malicious
CrowdStrike
win/malicious_confidence_60% (W) Malicious
Symantec
ML.Attribute.HighConfidence Malicious
ESET-NOD32
a variant of Win64/Packed.Themida.Q suspicious Malicious
Cynet
Malicious (score: 99) Malicious
Paloalto
generic.ml Malicious
Avast
Win64:Malware-gen Malicious
F-Secure
Trojan.TR/AVI.Agent.xdwti Malicious
McAfeeD
ti!4BBB3114B0A9 Malicious
Sophos
Mal/Generic-S Malicious
Varist
W64/ABApplication.KCMR-6061 Malicious
Avira
TR/AVI.Agent.xdwti Malicious
Antiy-AVL
Trojan[Packed]/Win64.Themida Malicious
Microsoft
Trojan:Win32/Kepavll!rfn Malicious
GData
Win64.Trojan.Agent.N28JC5 Malicious
Google
Detected Malicious
Cylance
Unsafe Malicious
TrendMicro-HouseCall
TROJ_GEN.R002H01DT25 Malicious
TrellixENS
Artemis!3DE4A86D05C8 Malicious
Fortinet
Riskware/Application Malicious
DeepInstinct
MALICIOUS Malicious
alibabacloud
VirTool:Win/Packed.Themida.Q Malicious
40 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: a6c5216e4405dcab0892e4f4d2675ae9
Fuzzy: 533119128a059018470c34bd30500597
dHash: b8664f3061e0c4e1
Image Base 0x140000000
Entry Point 0x141edf058
Compilation Time 2025-03-05 13:52:18
Checksum 0x011d7469 (Actual: 0x011d7469)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 35 libraries
Exports 93 functions
Resources 5 Resources
Sections 13 Sections

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
0x00001000 10,552,931 bytes 4,098,560 bytes 7.99 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 6B3FEF2F6651FC0C9D0DA2CF1928AF6C
0x00a12000 9,868,296 bytes 7,951,872 bytes 7.96 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ F1B3A534DB92BEAE480FE11D6BE8C2FA
0x0137c000 1,295,672 bytes 216,576 bytes 7.96 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 86C26E06AFCF815F9B64F807B8A26974
0x014b9000 273,132 bytes 159,744 bytes 7.68 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6CA6A9A43E7ADDD7BB946321882C44C6
0x014fc000 16,072 bytes 6,656 bytes 7.93 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E7FD80E2872711F7A5019F7ECD192DE5
0x01500000 79,340 bytes 10,752 bytes 7.88 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 846D0B5F3D3A8B4D231263E277EC5910
.edata 0x01514000 4,096 bytes 2,560 bytes 5.46 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ C942FF76B9359696D43FD873C71C7011
.idata 0x01515000 4,096 bytes 3,072 bytes 4.32 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 63F6D2AC09DE173DB46F1C16D285BCEE
.tls 0x01516000 4,096 bytes 512 bytes 0.28 (Normal) IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 8AC5F3A5709D857D10C6DC41336DC06F
.rsrc 0x01517000 16,384 bytes 16,384 bytes 5.60 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 2D0015E0C5F893026E53B455FA2A2F9D
.themida 0x0151b000 10,240,000 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.boot 0x01edf000 6,220,800 bytes 6,220,800 bytes 7.96 (Packed/Encrypted) IMAGE_SCN_CNT_CODE|IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 11EF5352821EC7F74BFE4A68817EF917
.reloc 0x024ce000 4,096 bytes 16 bytes 2.73 (Normal) IMAGE_SCN_MEM_READ 95D698291ABE17F91AD5A649AAC2A8ED
Entropy Analysis Alert

7 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 5 (15,718 bytes)
Resource Type Count Total Size Percentage
RT_ICON 3 15,032 bytes
95.6%
RT_GROUP_ICON 1 48 bytes
0.3%
RT_MANIFEST 1 638 bytes
4.1%

Certificate Chain Analysis

Certificate Information
Certificate Chain Summary
DigiCert Trusted Root G4 #1 Primary
Validity Period: 2013-08-01 12:00:00 → 2038-01-15 12:00:00
Signature Algorithm: sha384RSA
Serial Number: 05 9B 1B 57 9E 8E 21 32 E2 39 07 BD A7 77 75 5C
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #2 Chain
Validity Period: 2021-04-29 00:00:00 → 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
LightBurn Software, LLC #3 Chain
Validity Period: 2024-05-13 00:00:00 → 2027-07-08 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 06 FC B3 95 8D 91 47 F3 D9 5F E7 2F 2A 84 B0 2B
DigiCert Timestamp 2024 #4 Chain
Validity Period: 2024-09-26 00:00:00 → 2035-11-25 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0B AE 66 BC 5A BA 7F 95 87 C6 F9 E9 04 E3 33 04
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA #5 Chain
Validity Period: 2022-03-23 00:00:00 → 2037-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 07 36 37 B7 24 54 7C D8 47 AC FD 28 66 2A 5E 5B
DigiCert Trusted Root G4 #6 Chain
Validity Period: 2022-08-01 00:00:00 → 2031-11-09 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 0E 9B 18 8E F9 D0 2D E7 EF DB 50 E2 08 40 18 5A

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
32 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for
/

Gridinsoft Anti-Malware

Stay Malware-Free: Keep Your PC Protected with Gridinsoft Anti-Malware

Gridinsoft Anti-Malware offers just that—peace of mind with a robust, user-friendly solution that’s constantly updated to combat the latest threats. Designed by cybersecurity experts, it provides real-time protection and effortless malware removal. It’s not just about detecting threats; it's about enhancing your digital life with uninterrupted security. Give it a try and experience what it feels like to browse worry-free!

Gridinsoft Anti-Malware Download Now
Gridinsoft Anti-Malware